LDAP Confluence syncronization

While experimenting to sync LDAP to Confluence we synced more than 400 user accounts by setting thee wrong user object filter. Now we have the correct user object filter. How can I delete those user accounts and resyncronize to get only the accounts that fulfill the filter criteria?

How long would it generally take to syncronize? We keep getting timeout errors? We have more than 100000 users.



2 answers

Hi Ravi,

Regarding the synchronization, sometimes it needs to flush the directory cache after a modification in the directory configuration.

You can flush the cache by disabling the LDAP directory, enabling it again and manually triggering the synchronization. After this you should see the correct list of users that match the LDAP filter.


Hi Ravi,

From your amount of users we highly recommend you to consider delegation method instead of syncrhonization connector method due to its limitation as describe here.

If you prefer to use sycnrhonization we recommend you to create multiple directories and configure it in a way so each directories does not pull more users than the recommended limit mentioned here also make sure it would not trigger the synchornization in the same time.

Hope it helps.

Septa Cahyadiputra


Thanks for the information. I think this makes more sense in our case. How ever, I am confused on how user accounts will be created in Confluence when using delegation method.

From my understanding, I will create an internal directory with LDAP and provide all the criteria on searching user objects. I am not sure about the next step of actually having a user account created and assigned privileges in Confluence.

By checking on the option of Create User on Login, I was able to create a user in Confluence when the user tries to log in, but the user sees an error page saying he does not have any permissions. I had to then manually go to his user id and assign him into proper groups. Though this works, I am trying to see if my administrator can create an user account which authenticates with the internal LDAP delegation, assign proper groups to that user account and then send a notification email out to the user. That would be an ideal scenario for us. Also, our user names are not lowercase.

Can you please provide some insight into that?



Suggest an answer

Log in or Sign up to answer
Community showcase

Scrum Roles Explained: the Do's and the Don'ts

Hello Community,  Today we are going to talk about the three Scrum Roles. There is the Development Team, the Scrum Master and the Product Owner. In my opinion these three are all really impo...

50 views 0 4
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you